However, it would appear that these new requirements are not being applied on old systems if the words of the Department for Work and Pensions minister, Jonathan Shaw are accurate. When asked by Mark Harper MP in Parliament why the "customer information system does not meet Cabinet Office rules for personal data" he replied,
The Cabinet Office's requirements for accreditation apply only to IT systems which were introduced after 1 July 2008.So essentially the Government have decided that any system holding personal data that is over seven months old doesn't need to meet the supposedly "tough" new accreditation requirements.
4 comments:
"Department for Wok and Pensions"
I knew we had a lot of East Europeans here but I didnt know it was that far East!
That;s the annoying thing about typos which are also correctly spelt words. They don't bloody show up!
The commend from the professional fool is utter bollocks. New systems are required to meet the new requirements before being allowed in to service, older systems have a grace period. Mr Shaw should check the Cabinet Office website where the various Security Policy Framework documents are fairly explicit.
Tier 4 of SPF, which is the protectively marked version, doesn't say anything that startling.
Surely this warrants more attention than it has had currently? This is a shameful admission!
Post a Comment